MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 44c11f2419a7650053168843f0c092a45187920bec71ede3d26473472575ee6a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

DoublePulsar

Vendor detections: 14



SHA256 hash: 44c11f2419a7650053168843f0c092a45187920bec71ede3d26473472575ee6a
SHA3-384 hash: 2b57402f0161aaf96d1f04992c46b56d6f36679ad711c9e6a94205b2fa51babc864ddbd690528a1a4cdf7a2a02ddabbf
SHA1 hash: d67f6d9f3353d712c13a96b00f87f4c9d511e26d
MD5 hash: 0692382a5ccf0b0b9406a434352bcd66
humanhash: ink-mexico-tennis-green
File name: SecuriteInfo.com.Trojan.PWS.Panda.8062.7332.22919
Signature: DoublePulsar
File size: 2'619'113 bytes
First seen: 2024-01-22 18:27:58 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash de1fa96ad5bc81910ffb7ed552e29d0d (1 x RedLineStealer, 1 x Gh0stRAT, 1 x Blackmoon)
ssdeep 49152:5wTtKTyEJdyyUa6PrvMrKQHBhzFrBRucp2uBUYYs2aoywX7AqomhDHsH:5atKOMFkxQHBBZOtuBUg2aKXTJMH
TLSH T166C53385FFC495B0F1624E762C83B0896F3AFD2A6E98954B76D43F4E2C7DA81184C4E1
TrID 93.8% (.EXE) Win32 Executable Borland Delphi 7 (664796/42/58)
2.0% (.EXE) Win32 Executable Delphi generic (14182/79/4)
1.4% (.EXE) DOS Borland compiled Executable (generic) (10000/1/2)
0.9% (.DLL) Win32 Dynamic Link Library (generic) (6578/25/2)
0.6% (.EXE) Win32 Executable (generic) (4505/5/1)
dhash icon dc8cbaaa8e8c8e8c (1 x Gh0stRAT, 1 x Blackmoon, 1 x DoublePulsar)
Reporter SecuriteInfoCom
Tags: DoublePulsar exe

Intelligence


File Origin
# of uploads: 1
# of downloads: 339
Origin country: FR
Vendor Threat Intelligence
Result
Verdict: Malware
Maliciousness:

Behaviour
Searching for the window
Creating synchronization primitives
Creating a file in the %temp% directory
Creating a file in the Windows subdirectories
Enabling the 'hidden' option for recently created files
Creating a process from a recently created file
Running batch commands
Creating a process with a hidden window
Searching for synchronization primitives
Launching a process
Creating a service
Creating a file
Launching a service
Launching cmd.exe command interpreter
Launching the process to interact with network services
Enabling autorun for a service
Verdict: Likely Malicious
Threat level: 7.5/10
Confidence: 100%
Tags: equationdrug fingerprint lolbin overlay packed shell32
Result
Verdict: MALICIOUS
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Result
Threat name: DoublePulsar, ETERNALBLUE
Detection: malicious
Classification: troj.adwa.expl.evad.mine
Score: 100 / 100
Signature
Antivirus / Scanner detection for submitted sample
Antivirus detection for dropped file
Antivirus detection for URL or domain
Deletes itself after installation
Drops executables to the windows directory (C:\Windows) and starts them
Drops PE files with benign system names
Excessive usage of taskkill to terminate processes
Found strings related to Crypto-Mining
Machine Learning detection for dropped file
Machine Learning detection for sample
Malicious sample detected (through community Yara rule)
Modifies the hosts file
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
PE file has a writeable .text section
Submitted sample is a known malware sample
Uses ping.exe to check the status of other devices and networks
Uses ping.exe to sleep
Yara detected DoublePulsar
Yara detected ETERNALBLUE
Behaviour
Behavior Graph (ID 1378951; sample SecuriteInfo.com.Trojan.PWS...; start date 22/01/2024; architecture WINDOWS; score 100)

Root signatures: Malicious sample detected (through community Yara rule); Antivirus detection for URL or domain; Antivirus detection for dropped file; 9 other signatures

Process tree:
- SecuriteInfo.com.Trojan.PWS.Panda.8062.7332.22919.exe
  - Dropped files: C:\Windows\Fonts\Mysql\ctfmon.exe (PE32); C:\Windows\Fonts\Mysqlternalblue2.dll (PE32); C:\Windows\Fonts\Mysqlternalblue.dll (PE32); 3 other malicious files
  - Signature: Drops executables to the windows directory (C:\Windows) and starts them
  - Started: ctfmon.exe; xsfxdel~.exe
    - ctfmon.exe
      - Dropped files: C:\Windows\Fonts\Mysql\zlib1.dll (PE32); C:\Windows\Fonts\Mysql\xdvl-0.dll (PE32); C:\Windows\Fonts\Mysql\ucl.dll (PE32); 27 other files (26 malicious)
      - Signatures: Antivirus detection for dropped file; Multi AV Scanner detection for dropped file; Submitted sample is a known malware sample; 2 other signatures
      - Started: cmd.exe
        - cmd.exe
          - Dropped file: C:\Windows\System32\drivers\etc\hosts (ASCII)
          - Signatures: Uses ping.exe to sleep; Drops executables to the windows directory (C:\Windows) and starts them; Uses ping.exe to check the status of other devices and networks; 2 other signatures
          - Started: svchost.exe; PING.EXE; net.exe; 10 other processes
            - svchost.exe: Antivirus detection for dropped file; Multi AV Scanner detection for dropped file
            - PING.EXE: contacts 127.0.0.1 (unknown unknown)
            - net.exe: started net1.exe
            - 10 other processes: started net1.exe
    - xsfxdel~.exe
      - Signature: Deletes itself after installation
- svchost.exe
  - Started: cmd.exe; conhost.exe
    - cmd.exe
      - Signature: Excessive usage of taskkill to terminate processes
      - Started: net.exe (x3, each starting net1.exe); 10 other processes (starting net1.exe)
Threat name: Win32.Trojan.DPulsarShellcode
Status: Malicious
First seen: 2023-06-23 12:14:22 UTC
File Type: PE (Exe)
Extracted files: 20
AV detection: 22 of 38 (57.89%)
Threat level: 5/5
Verdict: malicious
Result
Malware family: n/a
Score: 9/10
Tags: discovery evasion upx
Behaviour
Creates scheduled task(s)
Kills process with WMI
Kills process with taskkill
Runs net.exe
Runs ping.exe
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Views/modifies file attributes
Enumerates physical storage devices
Drops file in Windows directory
Launches sc.exe
Checks computer location settings
Deletes itself
Executes dropped EXE
Loads dropped DLL
UPX packed file
Drops file in Drivers directory
Sets file to hidden
Stops running service(s)
Contacts a large (18047) amount of remote hosts
Creates a large amount of network flows
Unpacked files
SHA256 hash: aa8adf96fc5a7e249a6a487faaf0ed3e00c40259fdae11d4caf47a24a9d3aaed
MD5 hash: e4ad4df4e41240587b4fe8bbcb32db15
SHA1 hash: e8c98dbcd20d45bbbbf4994cc4c95dfcf504c690

SHA256 hash: 50f329e034db96ba254328cd1e0f588af6126c341ed92ddf4aeb96bc76835937
MD5 hash: a05c7011ab464e6c353a057973f5a06e
SHA1 hash: e819a4f985657b58d06b4f8ad483d8e9733e0c37

SHA256 hash: b556b5c077e38dcb65d21a707c19618d02e0a65ff3f9887323728ec078660cc3
MD5 hash: f82fa69bfe0522163eb0cf8365497da2
SHA1 hash: 75be54839f3d01dc4755ddc319f23f287b1f9a7b

SHA256 hash: 0439628816cabe113315751e7113a9e9f720d7e499ffdd78acbac1ed8ba35887
MD5 hash: 3c2fe2dbdf09cfa869344fdb53307cb2
SHA1 hash: b67a8475e6076a24066b7cb6b36d307244bb741f
Detections: win_darkpulsar_auto INDICATOR_TOOL_EXP_EternalBlue

SHA256 hash: db0831e19a4e3a736ea7498dadc2d6702342f75fd8f7fbae1894ee2e9738c2b4
MD5 hash: a539d27f33ef16e52430d3d2e92e9d5c
SHA1 hash: f6d4f160705dc5a8a028baca75b2601574925ac5
Detections: win_darkpulsar_auto

SHA256 hash: b7d8fcc3fb533e5e0069e00bc5a68551479e54a990bb1b658e1bd092c0507d68
MD5 hash: 5b72ccfa122e403919a613785779af49
SHA1 hash: f560ea0a109772be2b62c539b0bb67c46279abd1

SHA256 hash: f0df80978b3a563077def7ba919e2f49e5883d24176e6b3371a8eef1efe2b06a
MD5 hash: 6b7276e4aa7a1e50735d2f6923b40de4
SHA1 hash: db8603ac6cac7eb3690f67af7b8d081aa9ce3075
Detections: win_darkpulsar_auto

SHA256 hash: 25cef2e9ea661bcf0f6a874501d2bd9e3c91d05d753dcf7541e91f2699b89f1a
MD5 hash: 9cb3057e116941401d0dec6571dc272a
SHA1 hash: d80272abb08fea01cb2a323cf48b24e202216b57

SHA256 hash: 0259d41720f7084716a3b2bbe34ac6d3021224420f81a4e839b0b3401e5ef29f
MD5 hash: 838ceb02081ac27de43da56bec20fc76
SHA1 hash: 972ab587cdb63c8263eb977f10977fd7d27ecf7b
Detections: win_darkpulsar_auto

SHA256 hash: ca63dbb99d9da431bf23aca80dc787df67bb01104fb9358a7813ed2fce479362
MD5 hash: f0881d5a7f75389deba3eff3f4df09ac
SHA1 hash: 8404f2776fa8f7f8eaffb7a1859c19b0817b147a
Detections: win_darkpulsar_auto

SHA256 hash: 1328bd220d9b4baa8a92b8d3f42f0d123762972d1dfc4b1fd4b4728d67b01dfc
MD5 hash: c097fd043d3cbabcada0878505c7afa5
SHA1 hash: 966a60028a3a24268c049ffadbe1a07b83de24ce
Detections: CN_Portscan Hacktools_CN_WinEggDrop INDICATOR_TOOL_SCN_PortScan

SHA256 hash: be8eb97d8171b8c91c6bc420346f7a6d2d2f76809a667ade03c990feffadaad5
MD5 hash: 5e8ecdc3e70e2ecb0893cbda2c18906f
SHA1 hash: 43f92d0e47b1371c0442c6cc8af3685c2119f82c

SHA256 hash: 15ffbb8d382cd2ff7b0bd4c87a7c0bffd1541c2fe86865af445123bc0b770d13
MD5 hash: c24315b0585b852110977dacafe6c8c1
SHA1 hash: be855cd1bfc1e1446a3390c693f29e2a3007c04e
Detections: win_doublepulsar_w0 win_doublepulsar_auto INDICATOR_TOOL_EXP_EternalBlue EquationGroup_Toolset_Apr17_Erraticgopher_1_0_1 EquationGroup_Toolset_Apr17_Doublepulsar_1_3_1

SHA256 hash: 506c234275d09780af379c2d2e617da83484ba9927ebe014c732e9877514c096
MD5 hash: 1ba9879329940513a79513ed27f96cf8
SHA1 hash: 0910944b6ae59b66985bebf2a596a11c13934573
Detections: CN_Portscan Hacktools_CN_WinEggDrop INDICATOR_TOOL_SCN_PortScan

SHA256 hash: b99c3cc1acbb085c9a895a8c3510f6daaf31f0d2d9ccb8477c7fb7119376f57b
MD5 hash: 4420f8917dc320a78d2ef14136032f69
SHA1 hash: 06cd886586835b2bf0d25fba4c898b69e362ba6d
Detections: win_doublepulsar_w0 INDICATOR_TOOL_EXP_EternalBlue EquationGroup_Toolset_Apr17_Eternalromance_2 EquationGroup_Toolset_Apr17_Doublepulsar_1_3_1 EquationGroup_Toolset_Apr17_Eternalromance

SHA256 hash: aceb27720115a63b9d47e737fd878a61c52435ea4ec86ba8e58ee744bc85c4f3
MD5 hash: 9a5cec05e9c158cbc51cdc972693363d
SHA1 hash: ca4d1bb44c64a85871944f3913ca6ccddfa2dc04

SHA256 hash: 5f30aa2fe338191b972705412b8043b0a134cdb287d754771fc225f2309e82ee
MD5 hash: f01f09fe90d0f810c44dce4e94785227
SHA1 hash: 036f327417b7e1c6e0b91831440992972bc7802e

SHA256 hash: 85b936960fbe5100c170b777e1647ce9f0f01e3ab9742dfc23f37cb0825b30b5
MD5 hash: 8c80dd97c37525927c1e549cb59bcbf3
SHA1 hash: 4e80fa7d98c8e87facecdef0fc7de0d957d809e1
Detections: INDICATOR_TOOL_EXP_EternalBlue

SHA256 hash: e9cf877ad5c3a77a7f1b8f0fbdee178cb4f65b61432f26b4c293780e769bf186
MD5 hash: 30d0a7454c1f66e47b49b5ea49f6b2b2
SHA1 hash: d93c0ce4a336b59417851423b4754b72cab8c1f6

SHA256 hash: 7ae8576a084264c06bd9d038f21ff694f2953d3a07d12e34d2f5425b1ec349a5
MD5 hash: d466539d80488ff90df7b3ae01276555
SHA1 hash: ac09675dbae484d8b8ef7bf28a74176c28ae91c8
Detections: SUSP_XORed_MSDOS_Stub_Message

SHA256 hash: 44c11f2419a7650053168843f0c092a45187920bec71ede3d26473472575ee6a
MD5 hash: 0692382a5ccf0b0b9406a434352bcd66
SHA1 hash: d67f6d9f3353d712c13a96b00f87f4c9d511e26d

Malware family: Equation Group
Verdict: Malicious
Please note that we are no longer able to provide a coverage score for Virus Total.

YARA Signatures


MalwareBazaar uses YARA rules from several public and non-public repositories, such as YARAhub and Malpedia. These rules are matched against malware samples uploaded to MalwareBazaar as well as against any suspicious process dumps they may create. Please note that only results from TLP:CLEAR rules are displayed.

Rule name: Borland
Author: malware-lu

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments